Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC86F/47BA28AE13F611EE925F0A36C4F9AE02/AE1747DE13FC11EEAD14AF35C4F9AE02.roa
File: AE1747DE13FC11EEAD14AF35C4F9AE02.roa (raw, json)
Hash identifier: IQBn4ZS4C/ZFnSsdM9cr5llJmaKNs+18E9KjqV8Ptcw=
Subject key identifier: E4:33:EC:AC:27:33:35:6F:49:A8:C7:C5:F0:0F:83:61:13:C1:A7:8F
Certificate issuer: /CN=A91CC86F/serialNumber=6BADD7D5D1128112D70AB4A2452401428F9D097B
Certificate serial: B6
Authority key identifier: 6B:AD:D7:D5:D1:12:81:12:D7:0A:B4:A2:45:24:01:42:8F:9D:09:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a63X1dESgRLXCrSiRSQBQo-dCXs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CC86F/47BA28AE13F611EE925F0A36C4F9AE02/AE1747DE13FC11EEAD14AF35C4F9AE02.roa
Signing time: Fri 31 May 2024 07:42:24 +0000
ROA not before: Fri 31 May 2024 07:42:24 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 151346
IP address blocks: 103.208.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182 (0xb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CC86F
Validity
Not Before: May 31 07:42:24 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66597f5f-c46c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ec:99:52:1e:73:01:30:8f:fc:70:0a:56:7f:
89:34:ef:92:d6:b2:e2:77:0e:fb:0b:d5:66:0c:cb:
4a:c6:0c:25:54:45:8f:71:9f:57:ca:8d:d5:a5:35:
f7:d1:eb:29:b3:f9:bb:5a:e5:a6:b5:06:5f:f9:7a:
7c:a7:d9:68:ce:4e:3c:3a:88:64:3a:5c:85:e9:d0:
d8:6a:19:95:4b:00:af:a6:d8:b3:08:5b:5f:50:3e:
ae:86:e3:83:12:53:e8:3e:c2:37:03:47:4a:f9:69:
41:29:d2:e7:e0:fc:ef:1d:f9:c6:31:71:3e:96:4f:
1c:d7:83:9f:33:a8:df:77:b4:02:29:ee:8a:f9:a3:
8a:ce:72:61:99:a6:53:11:59:26:ad:43:5f:ea:a0:
38:f2:73:35:c0:5f:ff:2c:2f:3f:a3:a6:56:6f:0f:
84:c2:13:e3:13:5d:85:f1:42:c1:45:7b:40:5e:10:
1e:7b:d4:cf:77:5c:1d:04:e4:cc:8a:59:21:f6:de:
e0:ca:7b:dc:c9:3f:7b:8f:78:4b:9c:48:cd:61:1d:
30:03:fc:49:58:c0:cc:86:45:03:0b:4b:c8:02:33:
66:f0:34:b7:6f:c4:ea:7e:33:c7:f6:3d:91:3a:7c:
84:ed:9e:86:dd:66:b2:cb:d5:ba:6b:51:a8:cc:02:
73:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:33:EC:AC:27:33:35:6F:49:A8:C7:C5:F0:0F:83:61:13:C1:A7:8F
X509v3 Authority Key Identifier:
keyid:6B:AD:D7:D5:D1:12:81:12:D7:0A:B4:A2:45:24:01:42:8F:9D:09:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CC86F/47BA28AE13F611EE925F0A36C4F9AE02/a63X1dESgRLXCrSiRSQBQo-dCXs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a63X1dESgRLXCrSiRSQBQo-dCXs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC86F/47BA28AE13F611EE925F0A36C4F9AE02/AE1747DE13FC11EEAD14AF35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.208.65.0/24
Signature Algorithm: sha256WithRSAEncryption
44:e1:7d:05:20:94:53:de:60:ec:12:6c:1a:20:80:51:cb:3c:
10:a4:43:91:bf:c0:02:88:a2:2d:74:b3:37:30:b1:d0:1d:62:
34:35:ec:dd:6b:c1:5b:d9:3f:68:2d:fe:25:d2:84:5d:6d:fb:
2b:48:20:04:9f:37:04:bc:17:74:2d:d8:61:f7:24:a4:17:1f:
87:f7:55:d6:80:b3:b6:7c:78:5c:52:ae:5a:51:ab:85:56:b6:
8a:ca:1c:ce:b8:6c:f7:88:b2:b0:da:86:65:c5:30:80:df:7b:
f5:fb:6b:82:73:9c:ce:6d:7a:aa:0c:66:57:53:a2:6b:79:a5:
e0:ad:c5:39:4b:b9:af:0f:d4:12:5f:ee:2e:06:16:12:2d:1c:
46:81:d0:d9:07:c2:0d:04:5b:ec:7b:05:ae:a9:0f:88:b2:cf:
90:98:63:f7:98:b6:1e:de:55:c8:16:1e:cc:6b:d9:04:4f:b6:
b8:28:fb:12:45:d2:b3:ab:8b:0a:d9:12:c5:df:1c:74:45:2a:
35:57:40:10:cd:f7:c3:06:53:8f:38:d5:34:b0:47:e2:68:51:
cb:16:d3:b7:40:c0:04:60:19:dc:23:42:48:ad:08:55:49:f2:
78:dd:05:df:fc:3c:cd:1d:7e:1c:82:1b:86:ea:c0:f2:82:5b:
6b:81:f4:95
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0M4NkYxMTAvBgNVBAUTKDZCQUREN0Q1RDExMjgxMTJENzBBQjRBMjQ1MjQwMTQy
OEY5RDA5N0IwHhcNMjQwNTMxMDc0MjI0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU5N2Y1Zi1jNDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAneyZUh5zATCP/HAKVn+JNO+S1rLidw77C9VmDMtKxgwlVEWPcZ9Xyo3VpTX3
0esps/m7WuWmtQZf+Xp8p9lozk48OohkOlyF6dDYahmVSwCvptizCFtfUD6uhuOD
ElPoPsI3A0dK+WlBKdLn4PzvHfnGMXE+lk8c14OfM6jfd7QCKe6K+aOKznJhmaZT
EVkmrUNf6qA48nM1wF//LC8/o6ZWbw+EwhPjE12F8ULBRXtAXhAee9TPd1wdBOTM
ilkh9t7gynvcyT97j3hLnEjNYR0wA/xJWMDMhkUDC0vIAjNm8DS3b8TqfjPH9j2R
OnyE7Z6G3Wayy9W6a1GozAJzhwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOQz7Kwn
MzVvSajHxfAPg2ETwaePMB8GA1UdIwQYMBaAFGut19XREoES1wq0okUkAUKPnQl7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzg2Ri80N0JBMjhBRTEz
RjYxMUVFOTI1RjBBMzZDNEY5QUUwMi9hNjNYMWRFU2dSTFhDclNpUlNRQlFvLWRD
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2E2M1gxZEVTZ1JMWENyU2lSU1FCUW8tZENYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0M4NkYvNDdCQTI4QUUxM0Y2MTFFRTkyNUYwQTM2QzRGOUFFMDIvQUUxNzQ3REUx
M0ZDMTFFRUFEMTRBRjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn0EEwDQYJKoZIhvcNAQELBQADggEBAEThfQUglFPeYOwS
bBoggFHLPBCkQ5G/wAKIoi10szcwsdAdYjQ17N1rwVvZP2gt/iXShF1t+ytIIASf
NwS8F3Qt2GH3JKQXH4f3VdaAs7Z8eFxSrlpRq4VWtorKHM64bPeIsrDahmXFMIDf
e/X7a4JznM5teqoMZldTomt5peCtxTlLua8P1BJf7i4GFhItHEaB0NkHwg0EW+x7
Ba6pD4iyz5CYY/eYth7eVcgWHsxr2QRPtrgo+xJF0rOriwrZEsXfHHRFKjVXQBDN
98MGU4841TSwR+JoUcsW07dAwARgGdwjQkitCFVJ8njdBd/8PM0dfhyCG4bqwPKC
W2uB9JU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:35:52 2025 by rpki-client